Apologies if this message is arriving for a second time. My email client
is wigging out and I'm not sure it was ever really sent the first
time... :-(
-------- Original Message --------
Subject: Re: [ic] [permissions] who is on first?
Date: Thu, 11 Dec 2003 14:37:22 -0500
From: Aaron Straup Cope <asc at vineyard.net>
Reply-To: asc at vineyard.net
To: interchange-users at icdevgroup.org
References: <3FD79712.7040304 at vineyard.net>
<5.2.1.1.0.20031210150259.02fd00d8 at mail.newmediaems.com>
<20031210233819.GA5598 at bill.heins.net>
Mike Heins wrote:
>>>When the program is complaining about permissions, is it complaining about
>>>file-system permissions or it's own internal table of allowable actions
>>>for a user? (I am logged in a the site admin/super user.)
>>>>That message would suggest a problem with logical permissions within the
>>UI, not file system permissions.
>>>>> Also, if you are using DBM you are set up for problems. We now
> require SQL for catalogs if you are going to use the Admin UI.
----
Thanks all for the speedy responses. Sadly, I am unable to "fix" the
problem despite :
* moving everything over to MySQL (...Using MySQL, DSN=...done.)
* giving the user in question complete access over everything via the
'Edit Permissions' UI interface - specifically : view, edit, create
and delete (but not HIDE) permissions on all the tables listed. (I
made sure to "apply changes".)
And yet when I try to change the status on an order, I get redirected to
the login page and Interchange has forgotten who I am.
Could it a cookie thing? I'm using Mozilla/Firebird set to alert me
whenever a new cookie is set and I'm not seeing anything. I tried to
gleen something by looking at the actual HTTP headers (included below)
but I didn't suggest an obvious solution to me.
Any suggestions on where to look next, or where to start adding
gratuitous "print STDERR" statements would be much appreciated.
Thanks,
----
# The program is being run through cgiwrap with a set up rewrite [PT]
# directives to hide the ugly URLs
# Trying to update status on an item
POST /aaronstore/ui.html?id=5tZsWd8H HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 333
mv_doit=set&mv_click=process_filter&mv_nextpage=admin%2Forder_view&code=TEST0003&mv_data_table=transactions&ui_meta_specific=&mv_data_key=code&mv_update_empty=1&mv_data_fields=code+status+archived+deleted&status=&status=shipped&ui_filter%3Astatus=nullselect&deleted=0&archived=0&lines_shipped=TEST0003-1&mv_click=Change+global+status
HTTP/1.x 302 moved
Set-Cookie: MV_SESSION_ID=FLXbbsI9:127.0.0.1;
path=/cgi-bin/cgiwrap/asc/aaronstore;
Set-Cookie: MV_SESSION_ID=FLXbbsI9:127.0.0.1;
path=/cgi-bin/cgiwrap/asc/aaronstore;
Set-Cookie: MV_SESSION_ID=FLXbbsI9:127.0.0.1;
path=/cgi-bin/cgiwrapd/asc/aaronstore;
Set-Cookie: MV_SESSION_ID=FLXbbsI9:127.0.0.1;
path=/cgi-bin/cgiwrapd/asc/aaronstore;
Location:
/aaronstore/admin/login?mv_session_id=FLXbbsI9&mv_pc=1&destination=admin%2forder_view
# Login page
GET
/aaronstore/admin/login?mv_session_id=FLXbbsI9&mv_pc=1&destination=admin%2forder_view
HTTP/1.1
X-Track: SESSION=FLXbbsI9&VIEWPAGE=admin/login
Set-Cookie: MV_SESSION_ID=FLXbbsI9:127.0.0.1;
path=/cgi-bin/cgiwrap/asc/aaronstore;
Set-Cookie: MV_SESSION_ID=FLXbbsI9:127.0.0.1;
path=/cgi-bin/cgiwrap/asc/aaronstore;
Set-Cookie: MV_SESSION_ID=FLXbbsI9:127.0.0.1;
path=/cgi-bin/cgiwrapd/asc/aaronstore;
Set-Cookie: MV_SESSION_ID=FLXbbsI9:127.0.0.1;
path=/cgi-bin/cgiwrapd/asc/aaronstore;